CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-38784 – poppler: integer overflow in JBIG2 decoder using malformed files
https://notcve.org/view.php?id=CVE-2022-38784
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. Poppler versiones anteriores a 22.08.0 incluyéndola, contiene un desbordamiento de enteros en el descodificador JBIG2 (la función JBIG2Stream::readTextRegionSeg() en el archivo JBIGStream.cc). El procesamiento de un archivo PDF o una imagen JBIG2 especialmente diseñados podría conllevar a un bloqueo o una ejecución de código arbitrario. • http://www.openwall.com/lists/oss-security/2022/09/02/11 https://github.com/jeffssh/CVE-2021-30860 https://github.com/zmanion/Vulnerabilities/blob/main/CVE-2022-38171.md https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1261/diffs?commit_id=27354e9d9696ee2bc063910a6c9a6b27c5184a52 https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BGY72LBJMFAKQWC2XH4MRPIGPQLXTFL6 https://lists.fedoraproject&# • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38171
https://notcve.org/view.php?id=CVE-2022-38171
Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIG2Stream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2021-30860 (Apple CoreGraphics). Xpdf versiones anteriores a 4.04, contiene un desbordamiento de enteros en el decodificador JBIG2 (la función JBIG2Stream::readSymbolDictSeg() en el archivo JBIG2Stream.cc). El procesamiento de un archivo PDF o una imagen JBIG2 especialmente diseñados podría conllevar a un fallo o una ejecución de código arbitrario. • http://www.openwall.com/lists/oss-security/2022/09/02/11 http://www.xpdfreader.com/security-fixes.html https://dl.xpdfreader.com/xpdf-4.04.tar.gz https://github.com/jeffssh/CVE-2021-30860 https://github.com/zmanion/Vulnerabilities/blob/main/CVE-2022-38171.md https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html https://www.cve.org/CVERecord?id=CVE-2021-30860 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 2CVE-2022-27337 – poppler: A logic error in the Hints::Hints function can cause denial of service
https://notcve.org/view.php?id=CVE-2022-27337
A logic error in the Hints::Hints function of Poppler v22.03.0 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. Un error lógico en la función Hints::Hints de Poppler versión v22.03.0, permite a atacantes causar una denegación de servicio (DoS) por medio de un archivo PDF diseñado A logic error was found in Popplers' Hints::Hints function in the Hints.cc file. This flaw allows an attacker to trick a user into opening a crafted PDf file into the pdftops utility, which causes the program to hang for a long time, leading to a denial of service. • https://gitlab.freedesktop.org/poppler/poppler/-/issues/1230 https://gitlab.freedesktop.org/poppler/poppler/-/issues/1230#note_1372177 https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KOTDUXJOKDYO4I7MKHLT5NBGTN5E7FHQ https://www.debian.org/security/2022/dsa-5224 https://access.redhat.com/security/cve/CVE-2022-27337 https://bugzilla.redhat.com/show_bug.cgi?id=2087190 • CWE-1173: Improper Use of Validation Framework •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 2CVE-2021-30860 – Apple Multiple Products Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-30860
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2. Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Se ha solucionado un desbordamiento de enteros con una validación de entrada mejorada. • https://github.com/jeffssh/CVE-2021-30860 https://github.com/Levilutz/CVE-2021-30860 http://seclists.org/fulldisclosure/2021/Sep/25 http://seclists.org/fulldisclosure/2021/Sep/26 http://seclists.org/fulldisclosure/2021/Sep/27 http://seclists.org/fulldisclosure/2021/Sep/28 http://seclists.org/fulldisclosure/2021/Sep/38 http://seclists.org/fulldisclosure/2021/Sep/39 http://seclists.org/fulldisclosure/2021/Sep/40 http://seclists.org/fulldisclosure/2021/Sep/50 http://ww • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-35702
https://notcve.org/view.php?id=CVE-2020-35702
DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects ** EN DISPUTA ** La función DCTStream::getChars en el archivo DCTStream.cc en Poppler versión 20.12.1, presenta un desbordamiento del búfer en la región stack de la memoria por medio de un documento PDF diseñado. NOTA: informes posteriores indican que esto sólo afecta a las construcciones de los clones de git de Poppler a finales de diciembre de 2020, no a la versión 20.12.1. • https://gitlab.freedesktop.org/poppler/poppler/-/issues/1011 • CWE-787: Out-of-bounds Write •